Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 1, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
257371	9.3	危険	マイクロソフト	-	複数の Microsoft 製品のテキストコンバーターにおける整数オーバーフローの脆弱性	CWE-94 コード・インジェクション	CVE-2009-2506	2010-01-22 10:27	2009-12-8	Show	GitHub Exploit DB Packet Storm

257372	9	危険	マイクロソフト	-	Microsoft Windows の Active Directory フェデレーションサービスにおける任意のコードを実行される脆弱性	CWE-20 不適切な入力確認	CVE-2009-2509	2010-01-22 10:27	2009-12-8	Show	GitHub Exploit DB Packet Storm

257373	6.9	警告	マイクロソフト	-	Microsoft Windows の Active Directory フェデレーションサービスのシングルサインオン実装における認証情報を取得される脆弱性	CWE-255 証明書・パスワード管理	CVE-2009-2508	2010-01-22 10:27	2009-12-8	Show	GitHub Exploit DB Packet Storm

257374	6.8	警告	マイクロソフト	-	Microsoft Windows の LSASS におけるサービス運用妨害 (DoS) の脆弱性	CWE-399 リソース管理の問題	CVE-2009-3675	2010-01-22 10:27	2009-12-8	Show	GitHub Exploit DB Packet Storm

257375	9.3	危険	マイクロソフト	-	Microsoft Project における任意のコードを実行される脆弱性	CWE-399 リソース管理の問題	CVE-2009-0102	2010-01-22 10:26	2009-12-8	Show	GitHub Exploit DB Packet Storm

257376	9.3	危険	マイクロソフト	-	Microsoft Internet Explorer におけるメモリ破損の脆弱性	CWE-94 コード・インジェクション	CVE-2009-3673	2010-01-22 10:26	2009-12-8	Show	GitHub Exploit DB Packet Storm

257377	9.3	危険	マイクロソフト	-	Microsoft Internet Explorer におけるメモリ破損の脆弱性	CWE-399 リソース管理の問題	CVE-2009-3671	2010-01-22 10:26	2009-12-8	Show	GitHub Exploit DB Packet Storm

257378	10	危険	マイクロソフト	-	Microsoft Windows のインターネット認証サービスにおけるネットワークリソースにアクセスされる脆弱性	CWE-255 CWE-94	CVE-2009-3677	2010-01-22 10:24	2009-12-8	Show	GitHub Exploit DB Packet Storm

257379	10	危険	マイクロソフト	-	Microsoft Windows のインターネット認証サービスにおける任意のコードを実行される脆弱性	CWE-287 不適切な認証	CVE-2009-2505	2010-01-22 10:24	2009-12-8	Show	GitHub Exploit DB Packet Storm

257380	6.9	警告	acpid	-	acpid の umask におけるサービス運用妨害 (DoS) の脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2009-4235	2010-01-21 11:44	2009-12-7	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 1, 2026, 4:12 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
247141	6.5	MEDIUM Network	lftp_project canonical opensuse	lftp ubuntu_linux leap	It has been discovered that lftp up to and including version 4.8.3 does not properly sanitize remote file names, leading to a loss of integrity on the local system when reverse mirroring is used. A r…	CWE-20 Improper Input Validation	CVE-2018-10916	2024-11-21 12:42	2018-08-1	Show	GitHub Exploit DB Packet Storm

247142	8.8	HIGH Adjacent	dell	emc_networker	Dell EMC NetWorker versions between 9.0 and 9.1.1.8 through 9.2.1.3, and the version 18.1.0.1 contain a Clear-Text authentication over network vulnerability in the Rabbit MQ Advanced Message Queuing …	CWE-319 CWE-522 Cleartext Transmission of Sensitive Information Insufficiently Protected Credentials	CVE-2018-11050	2024-11-21 12:42	2018-08-1	Show	GitHub Exploit DB Packet Storm

247143	8.8	HIGH Adjacent	redhat openstack	openstack tripleo_heat_templates	A vulnerability was found in openstack-tripleo-heat-templates before version 8.0.2-40. When deployed using Director using default configuration, Opendaylight in RHOSP13 is configured with easily gues…	CWE-798 Use of Hard-coded Credentials	CVE-2018-10898	2024-11-21 12:42	2018-07-31	Show	GitHub Exploit DB Packet Storm

247144	8.8	HIGH Network	prosody	prosody	prosody before versions 0.10.2, 0.9.14 is vulnerable to an Authentication Bypass. Prosody did not verify that the virtual host associated with a user session remained the same across stream restarts.…	CWE-287 Improper Authentication	CVE-2018-10847	2024-11-21 12:42	2018-07-31	Show	GitHub Exploit DB Packet Storm

247145	7.5	HIGH Network	cryptography canonical redhat	python-cryptography ubuntu_linux openstack	A flaw was found in python-cryptography versions between >=1.9.0 and <2.3. The finalize_with_tag API did not enforce a minimum tag length. If a user did not validate the input length prior to passing…	CWE-20 Improper Input Validation	CVE-2018-10903	2024-11-21 12:42	2018-07-31	Show	GitHub Exploit DB Packet Storm

247146	5.5	MEDIUM Local	debian linux canonical redhat	debian_linux linux_kernel ubuntu_linux enterprise_linux_desktop enterprise_linux_workstation enterprise_linux enterprise_linux_server	A flaw was found in the Linux kernel's ext4 filesystem. A local user can cause an out-of-bounds write in jbd2_journal_dirty_metadata(), a denial of service, and a system crash by mounting and operati…	-	CVE-2018-10883	2024-11-21 12:42	2018-07-31	Show	GitHub Exploit DB Packet Storm

247147	5.5	MEDIUM Local	linux debian canonical redhat	linux_kernel debian_linux ubuntu_linux enterprise_linux	A flaw was found in the Linux kernel's ext4 filesystem. A local user can cause an out-of-bound write in in fs/jbd2/transaction.c code, a denial of service, and a system crash by unmounting a crafted …	-	CVE-2018-10882	2024-11-21 12:42	2018-07-28	Show	GitHub Exploit DB Packet Storm

247148	5.5	MEDIUM Local	redhat	virtualization jboss_enterprise_application_platform wildfly_core	WildFly Core before version 6.0.0.Alpha3 does not properly validate file paths in .war archives, allowing for the extraction of crafted .war archives to overwrite arbitrary files. This is an instance…	CWE-22 Path Traversal	CVE-2018-10862	2024-11-21 12:42	2018-07-27	Show	GitHub Exploit DB Packet Storm

247149	5.5	MEDIUM Local	debian canonical linux redhat	debian_linux ubuntu_linux linux_kernel enterprise_linux_desktop enterprise_linux_workstation enterprise_linux_server enterprise_linux_for_real_time enterprise_linux_for_real_time…	A flaw was found in the Linux kernel's ext4 filesystem. A local user can cause an out-of-bound access in ext4_get_group_info function, a denial of service, and a system crash by mounting and operatin…	-	CVE-2018-10881	2024-11-21 12:42	2018-07-27	Show	GitHub Exploit DB Packet Storm

247150	7.8	HIGH Local	canonical linux debian redhat	ubuntu_linux linux_kernel debian_linux enterprise_linux_desktop enterprise_linux_workstation enterprise_linux enterprise_linux_server	A flaw was found in the Linux kernel's ext4 filesystem. A local user can cause a use-after-free in ext4_xattr_set_entry function and a denial of service or unspecified other impact may occur by renam…	-	CVE-2018-10879	2024-11-21 12:42	2018-07-27	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed